Information Security Analyst

Location:
Glendale, AZ
Posted:
September 17, 2023

Resume:

DINMA ODIAKOSA

adzrp6@r.postjobfree.com 312-***-****

linkedin.com/in/dinma-odiakosa-60ab06167

Summary

PROFILE SUMMARY

Highly skilled IT Controls Specialist with a strong background in IT General Controls, SAP, Audits, Policies, procedures and Risk Management. Proficiency in managing email security, data loss prevention (DLP), and content proxy tools. Expertise in enhancing IT processes to ensure regulatory compliance and standards such as HIPAA, ISO27001, PCI and SOX and work with internal audit staff to conduct regular tests and audits. Combining technical expertise with governance, I am dedicated to promoting effective risk management practices within the organization.

Experience

Information Security Analyst

Grainger

Feb 2023 - Jul 2023 (6 months)

Assist with implementing the information security strategy for the Grainger subsidiaries. Collaborate with global subsidiary teams to ensure appropriate solution design and architecture, project planning, schedule, and delivery.

Support global cybersecurity projects, ISO 27001, PCI DSS and NIST. Collaborate with cross-teams at Grainger and Grainger’s global subsidiaries, such as enterprise security, technology, portfolio management, legal, privacy, corporate functions, and suppliers/vendors. Develop monitoring metrics and dashboards for teams and senior management measuring progress and risk mitigation for services delivered.

Maintain governance findings data within a GRC tool such as OneTrust.

Information Security Analyst

MilDEENG Systems

Mar 2021 - Jan 2023 (1 year 11 months)

Gather, integrate, and provide for reporting of relevant and credible information indicative of a potential or actual insider threat to deter employees from becoming insider threats; detecting insiders who pose a risk to classified information; and mitigating the risk of an insider threat.

•Collects, reviews, interprets, correlates, and analyzes employee-related data to identify behaviors indicative of an insider threat utilizing a variety of classified and unclassified databases.

•Perform project planning and scheduling, manage tasks, and coordinate project resources to meet objectives and timelines.

•Making sure the organization complies with security frameworks (e.g., FedRAMP, ISO 27001, CMMC, NIST 800-171 CUI).

•Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures and standards in order to validate maintenance of secure configurations. Track enterprise compliance across multiple security frameworks including ISO 27001, NIST and FISMA and maintain up-to-date records of requirements and corresponding mitigating controls.

•Monitor third-party risk assessments and assist in performing internal risk assessments.

•Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.

•Monitor organization change management process to ensure compliance.

•Develop key performance metrics to track and ensure compliance with established policies and standards

Compliance Analyst

CrowdStrike

Aug 2019 - Aug 2020 (1 year 1 month)

Support development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.

•Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.

•Plan, execute and lead security audits across an organization related to SOC, ISO 27001 and other compliance initiatives

•Highlighting shortcomings in the operation of platform security and compliance processes ensuring they are appropriately addressed

•Coordinate efforts for internal and external audits

•Using existing firm policies and standards, and applicable industry regulations to plan, maintain, and operate compliance activities

•Develops, reviews, prepares and analyzes compliance and assessment documents

•Conduct periodic reviews/audits of systems to ensure adherence to current procedures and policies by all areas within the firm

•Work with business units and IT support staff to design remediation where deficiencies are identified

•Perform vulnerability assessments and develop related mitigation strategies

•Work with outside consultants as appropriate for independent security audits and/or testing

Compliance Analyst

Netskope

Jan 2018 - Jul 2019 (1 year 7 months)

Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established Information Assurance (IA) standards and regulations, and recommend mitigation strategies

•Validate and verify system security requirements definitions and analysis, and establish system security designs

•Design, develop, implement, and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.

•Implement and align the Information Security program within company’s policies and procedures to protect confidentiality, integrity, and availability of corporate data and resources.

•Research, evaluate, and recommend security solutions and practices to enhance the company’s Information Security Program.

•Monitor, analyze, review, and respond to all related security incidents, risks, and threats to the organization.

•Conduct and review monthly vulnerability assessments and penetration tests on endpoints, applications, and network infrastructure to summarize the assessments, and recommend remediation.

•Implement clear and actionable vulnerability remediation plans and collaborate with IT teams that are executing the remediation.

•Respond to cyber incidents and threat reports by providing insightful research and analysis.

•Interface with third party vendors that are responsible for delivering security services.

•Administer security awareness, cybersecurity training, and phishing exercises for all users.

•Perform vendor security assessments to identify potential security risks.

•Participate in the company’s annual SOC 2 Type II audit.

•Manage IT Security service delivery by determining request priorities to ensure customer requests are triaged and resolved in an appropriate manner.

Education

Illinois State University

Information Technology/Bachelors, Telecom Management

Skills

information security • ISO 27001 • Payment Card Industry Data Security Standard (PCI DSS) • U.S. Health Insurance Portability and Accountability Act (HIPAA) • FedRAMP • SAP ERP • SOX 404 Top–Down Risk Assessments (TDRA) • Auditing • Policies & Procedures


